Rewrite Jenkinsfile to new declarative syntax without parallel as the e2e framework is not tailored for than (container name clash, port clash,...)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
(cherry picked from commit 74919d0569)
- replace the "none" code-hint with "console"
- some changes in the "experimental" instructions
- reformat some notes
- reformat / re-indent JSON output to use 2 spaces (for consistency)
- split JSON outputs to separate code-block so that it can be highlighted
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 4d948e468b)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Temporarily vendoring tip of the release-1.x branch, to address
docker context inspect being slow on Windows because this package
performs user lookup through `os.Current()` during `init()`.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 466c50f939)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Using `/var/run/docker.sock` as docker host is invalid, and causes
an error, so adding `unix://` to it.
In addition, we document the name of the context to go after the
options, so change the order in the examples.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 803b9071e7)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
1. Fix dead URL to [Dockerfile best practices](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#leverage-build-cache).
2. Add missing information about cache invalidation by `COPY`. It works in the same way as in the case of `ADD`. Informing only about the `ADD`s behavior is misleading as one can infer that these two directives differ in this regard.
3. Add missing info on RUN cache invalidation by COPY
Signed-off-by: Maciej Kalisz <maciej.d.kalisz@gmail.com>
(cherry picked from commit ef414633d6)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This patch changes the package to lazily obtain the user's home-
directory on first use, instead of when initializing the package.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 8a30653ed5)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This link was broken when generating the documentation (due to
a bug in Jekyll not converting wrapped internal links)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit bc58d655c0)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- Perform feature detection when actually needed, instead of during
initializing
- Version negotiation is performed either when making an API request,
or when (e.g.) running `docker help` (to hide unsupported features)
- Use a 2 second timeout when 'pinging' the daemon; this should be
sufficient for most cases, and when feature detection failed, the
daemon will still perform validation (and produce an error if needed)
- context.WithTimeout doesn't currently work with ssh connections (connhelper),
so we're only applying this timeout for tcp:// connections, otherwise
keep the old behavior.
Before this change:
time sh -c 'DOCKER_HOST=tcp://42.42.42.41:4242 docker help &> /dev/null'
real 0m32.919s
user 0m0.370s
sys 0m0.227s
time sh -c 'DOCKER_HOST=tcp://42.42.42.41:4242 docker context ls &> /dev/null'
real 0m32.072s
user 0m0.029s
sys 0m0.023s
After this change:
time sh -c 'DOCKER_HOST=tcp://42.42.42.41:4242 docker help &> /dev/null'
real 0m 2.28s
user 0m 0.03s
sys 0m 0.03s
time sh -c 'DOCKER_HOST=tcp://42.42.42.41:4242 docker context ls &> /dev/null'
real 0m 0.13s
user 0m 0.02s
sys 0m 0.02s
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit b39739123b)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Anca Iordache <anca.iordache@docker.com>
Possible approach for client info
- split ClientInfo() into ClientInfo() and loadClientInfo()
- split ConfigFile() into ConfigFile() and loadConfigFile()
- ConfigFile() and ClientInfo() call their corresponding loadXX function
if it has not yet been loaded; this allows them to be used before
Initialize() was called.
- Initialize() *always* (re-)loads the configuration; this makes sure
that the correct configuration is used when actually calling commands.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 22a5dad847)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Before this change, this would cause a panic:
docker run -it --rm -v 1:/1 alpine
panic: runtime error: index out of range
goroutine 1 [running]:
github.com/docker/cli/cli/compose/loader.isFilePath(0xc42027e058, 0x1, 0x557dcb978c20)
...
After this change, a correct error is returned:
docker run -it --rm -v 1:/1 alpine
docker: Error response from daemon: create 1: volume name is too short, names should be at least two alphanumeric characters.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 11869fa42a)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: https://github.com/go-yaml/yaml/compare/v2.2.3...v2.2.8
includes:
- go-yaml/yaml 515 Improve heuristics preventing CPU/memory abuse
- go-yaml/yaml@f90ceb4f40 Fix check for non-map alias merging in v2
- fix for "yaml.Unmarshal crashes on "assignment to entry in nil map""
- go-yaml/yaml 543 Port stale simple_keys fix to v2
- go-yaml/yaml@1f64d6156d Fix issue in simple_keys improvements
- fixes "Invalid simple_keys now cause panics later in decode"
- go-yaml/yaml 555 Optimize cases with long potential simple_keys
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 3dfcfbb2bf)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Service create expects the name to be passed using the
`--name` flag, not as a positional parameter
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 0cd7c6aa02)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
With this change, go packages/modules that use versioned
import paths (github.com/foo/bar/v2), but don't use a directory
in the repository, can now be supported.
For example:
```
github.com/coreos/go-systemd/v22 v22.0.0
```
will vendor the github.com/coreos/go-systemd repository
into `vendor/github.com/coreos/go-systemd/v22`.
full diff: b177b583eb...v0.1.0
- LK4D4/vndr#79 Add more clear messages around clone failures
- LK4D4/vndr#80 add riscv64 support
- LK4D4/vndr#83 migrate bitbucket to api 2.0
- fixesLK4D4/vndr#82https://api.bitbucket.org/1.0/repositories/ww/goautoneg: 410 Gone
- LK4D4/vndr#86 Replace sort.Sort with sort.Strings
- LK4D4/vndr#87 support `github.com/coreos/go-systemd/v22`
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 7904c23df8)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Currently the documentation uses a special case for this command,
so adding a description to the YAML in order to remove that
special case.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit c4798a9daa)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- wrap to 80-chars
- reformat notes
- add code-hints to help highlighting
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 86257b0fc7)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Colon may not be something non-native English readers
know about, so explain the symbol in the running text.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit e34c407516)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- add code-fences with code-hints so that the right hightlighting is applied
- replace `*` for `-` in bullet-lists for consistency with other parts of the
documentation.
- reduced number of "notes", either by combining some, or by changing some
to regular text.
- removed "line numbers" from some examples, because there's only four lines,
which should not need really need line numbers.
- reformat some notes to our new format
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 16730a2ab6)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- add code-fences with code-hints so that the right
hightlighting is applied
- reduced number of "notes", either by combining some,
or by changing some to regular text.
- use tables for some option lists
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit b73df4a231)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- fix various broken links
- fix incorrect anchors
- updated links for content that moved, so that no
redirect to the new location is needed.
- touched-up Markdown;
- re-format some JSON output
- add blank line betweeen command and command output
- format "note" blocks
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 8919c228bd)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The `docker network prune` command removes unused custom networks,
but built-in networks won't be removed. This patch updates the
message to mention that it's only removing custom networks.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit eb93a865ed)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
67ebcd6dcf added an exception for
the "host-gateway" magic value to the validation rules, but didn't
add thise value to any of the tests.
This patch adds the magic value to tests, to verify the validation
is skipped for this magic value.
Note that validation on the client side is "optional" and mostly
done to provide a more user-friendly error message for regular
values (IP-addresses).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit f88ae74135)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Relates to - moby/moby 40007
The above PR added support in moby, that detects if
a special string "host-gateway" is added to the IP
section of --add-host, and if true, replaces it with
a special IP value (value of --host-gateway-ip Daemon flag
which defaults to the IP of the default bridge).
This PR is needed to skip the validation for the above
feature
Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 67ebcd6dcf)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- relates to moby/buildkit 1111
- relates to moby/buildkit 1079
- relates to docker/buildx 129
full diff: 9461782956...e31b211e4f
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 5661cc0de5)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The deprecation policy was written when we had monthly releases
(edge+stable), and stable releases were released every 3 months.
The release cadence has changed to be longer than 3 months for
stable releases, so adjusting the policy accordingly.
Note that the policy continues to be "at least x releases", so
even though we _can_ remove a feature after one release, it does
not mean we _must_ remove it: announcing deprecations early helps
users migrate away from features we do not intent to support in
future.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 94f513e48e)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This section was included on a page on docs.docker.com, but not linked
in the navigation. Putting the section on the deprecated features page
to be sure they can be found together.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 99443274b1)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
these markdown files are not consumed directly in the docs,
but only their content is included through the YAML does,
so there's no need to have these comments in them
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit f30bde6adb)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
If the markdown contains trailing spaces, or has tabs included,
the YAML generator uses a compact format for the text (using `\n`
and `\t`, instead of plain newlines).
The compact format makes it difficult to review changes in the
yaml docs when vendoring in the documentation repository.
This patch:
- removes trailing whitespace
- replaces tabs for spaces
- fixes some minor formatting and markdown issues
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit f912deeec7)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The script was written to only take subcommands at the first and second level
into account, but failed to find the Markdown files for extended descriptions of
subcommands at the third level, such as `docker trust key generate`, and
`docker trust key load`:
WARN: /go/src/github.com/docker/cli/docs/reference/commandline/key_generate.md does not exist, skipping
WARN: /go/src/github.com/docker/cli/docs/reference/commandline/key_load.md does not exist, skipping
WARN: /go/src/github.com/docker/cli/docs/reference/commandline/signer_add.md does not exist, skipping
WARN: /go/src/github.com/docker/cli/docs/reference/commandline/signer_remove.md does not exist, skipping
This patch updates the script to accomodate subcommands that are more deeply
nested. While at it, some minor cleaning and linting issues were also addressed.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit e1b362847f)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
These files were intended to document the `swarm join-token` and
`swarm unlock-key` subcommands, but were incorrectly using an underscore
instead of a hyphen (`-`). As a result, the examples were not picked up
by the yamldocs generator.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 5115bfa041)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Unlike GitHub's web-UI, the "rouge" hightlighter used in our
online documentation is case-sensitive. As a result, code-blocks
having the Dockerfile (uppercase) code-hint were not highlighted.
This changes those to use lowercase, which is supported by both.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 824a9ce64b)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Also pinning the e2e image to the "buster" variant,
which is what's currently used, but making it explicit.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 4313c8b3c6)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Below are the changes proposed.
- Corrected syntax error.
- Updated example commands to maintain consistency.
- Provided more clarity.
Signed-off-by: Venkateswara Reddy Bukkasamudram <bukkasamudram@outlook.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 74cc062d24)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Includes 69ecbb4d6d
(forward-port of 8b5121be2f),
which fixes CVE-2020-7919:
- Panic in crypto/x509 certificate parsing and golang.org/x/crypto/cryptobyte
On 32-bit architectures, a malformed input to crypto/x509 or the ASN.1 parsing
functions of golang.org/x/crypto/cryptobyte can lead to a panic.
The malformed certificate can be delivered via a crypto/tls connection to a
client, or to a server that accepts client certificates. net/http clients can
be made to crash by an HTTPS server, while net/http servers that accept client
certificates will recover the panic and are unaffected.
Thanks to Project Wycheproof for providing the test cases that led to the
discovery of this issue. The issue is CVE-2020-7919 and Go issue golang.org/issue/36837.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 27d9aa2d9f)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: https://github.com/golang/go/compare/go1.12.15...go1.12.16
go1.12.16 (released 2020/01/28) includes two security fixes. One mitigates the
CVE-2020-0601 certificate verification bypass on Windows. The other affects only
32-bit architectures.
https://github.com/golang/go/issues?q=milestone%3AGo1.12.16+label%3ACherryPickApproved
- X.509 certificate validation bypass on Windows 10
A Windows vulnerability allows attackers to spoof valid certificate chains when
the system root store is in use. These releases include a mitigation for Go
applications, but it’s strongly recommended that affected users install the
Windows security update to protect their system.
This issue is CVE-2020-0601 and Go issue golang.org/issue/36834.
- Panic in crypto/x509 certificate parsing and golang.org/x/crypto/cryptobyte
On 32-bit architectures, a malformed input to crypto/x509 or the ASN.1 parsing
functions of golang.org/x/crypto/cryptobyte can lead to a panic.
The malformed certificate can be delivered via a crypto/tls connection to a
client, or to a server that accepts client certificates. net/http clients can
be made to crash by an HTTPS server, while net/http servers that accept client
certificates will recover the panic and are unaffected.
Thanks to Project Wycheproof for providing the test cases that led to the
discovery of this issue. The issue is CVE-2020-7919 and Go issue golang.org/issue/36837.
This is also fixed in version v0.0.0-20200124225646-8b5121be2f68 of golang.org/x/crypto/cryptobyte.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 19fd390c36)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Before this patch:
```
Usage: docker build [OPTIONS] PATH | URL | -
Build an image from a Dockerfile
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
--build-arg list Set build-time variables
--cache-from strings Images to consider as cache sources
--cgroup-parent string Optional parent cgroup for the container
--cpu-period int Limit the CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit the CPU CFS (Completely Fair Scheduler) quota
-c, --cpu-shares int CPU shares (relative weight)
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
--disable-content-trust Skip image verification (default true)
-f, --file string Name of the Dockerfile (Default is 'PATH/Dockerfile')
--force-rm Always remove intermediate containers
--iidfile string Write the image ID to the file
--isolation string Container isolation technology
--label list Set metadata for an image
-m, --memory bytes Memory limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--network string Set the networking mode for the RUN instructions during build (default "default")
--no-cache Do not use cache when building the image
-o, --output stringArray Output destination (format: type=local,dest=path)
--platform string Set platform if server is multi-platform capable
--progress string Set type of progress output (auto, plain, tty). Use plain to show container output (default "auto")
--pull Always attempt to pull a newer version of the image
-q, --quiet Suppress the build output and print image ID on success
--rm Remove intermediate containers after a successful build (default true)
--secret stringArray Secret file to expose to the build (only if BuildKit enabled): id=mysecret,src=/local/secret
--security-opt strings Security options
--shm-size bytes Size of /dev/shm
--squash Squash newly built layers into a single new layer
--ssh stringArray SSH agent socket or keys to expose to the build (only if BuildKit enabled) (format: default|<id>[=<socket>|<key>[,<key>]])
-t, --tag list Name and optionally a tag in the 'name:tag' format
--target string Set the target build stage to build.
--ulimit ulimit Ulimit options (default [])
```
With this patch applied:
```
DOCKER_BUILDKIT=1 docker build --help
Usage: docker build [OPTIONS] PATH | URL | -
Build an image from a Dockerfile
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
--build-arg list Set build-time variables
--cache-from strings Images to consider as cache sources
--disable-content-trust Skip image verification (default true)
-f, --file string Name of the Dockerfile (Default is 'PATH/Dockerfile')
--iidfile string Write the image ID to the file
--isolation string Container isolation technology
--label list Set metadata for an image
--network string Set the networking mode for the RUN instructions during build (default "default")
--no-cache Do not use cache when building the image
-o, --output stringArray Output destination (format: type=local,dest=path)
--platform string Set platform if server is multi-platform capable
--progress string Set type of progress output (auto, plain, tty). Use plain to show container output (default "auto")
--pull Always attempt to pull a newer version of the image
-q, --quiet Suppress the build output and print image ID on success
--secret stringArray Secret file to expose to the build (only if BuildKit enabled): id=mysecret,src=/local/secret
--squash Squash newly built layers into a single new layer
--ssh stringArray SSH agent socket or keys to expose to the build (only if BuildKit enabled) (format: default|<id>[=<socket>|<key>[,<key>]])
-t, --tag list Name and optionally a tag in the 'name:tag' format
--target string Set the target build stage to build.
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 7eecbb96af)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The `-v` option removes anonymous volume only, and keeps
named volumes.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 8f5379b301)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
go1.12.14 (released 2019/12/04) includes a fix to the runtime. See the Go 1.12.14
milestone on our issue tracker for details:
https://github.com/golang/go/issues?q=milestone%3AGo1.12.14+label%3ACherryPickApproved
Update Golang 1.12.13
------------------------
go1.12.13 (released 2019/10/31) fixes an issue on macOS 10.15 Catalina where the
non-notarized installer and binaries were being rejected by Gatekeeper. Only macOS
users who hit this issue need to update.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 4beea58531)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Setting proxy-configuration in config.json was added in
commit 35f1e301b5 (docker
17.07), but never found its way to the documentation.
This patch adds some basic information about the feature.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit e70d6bcb8a)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This patch:
- Combines the shellcheck and lint stages. Free CircleCI plans allow a maximum
of 4 concurrent jobs, and from the timing, the "lint" and "shellcheck" stages
combined would still take less time than the other stages, so combining them
keeps the same overall duration, but saving one machine "slot".
- Splits some steps, so that their output can be found more easily in the CI
results. For example, separating building of Docker images from running them.
- Adds a "Docker info" step, because information about the environment can be
useful when debugging.
- Adds the "Docker info" and "Docker version" steps to all stages, so that it's
possible to get that information without having to find the stage in which
it's printed.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 937e65cac5)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Reverses the order long-form port options when converted to short-form
to correctly match the documentation and `docker service create`.
Post change `-p published=8111,target=8112` is the equivalent of
`8111:8112`
Signed-off-by: Nick Adcock <nick.adcock@docker.com>
(cherry picked from commit 154a1f6df8)
Signed-off-by: Nick Adcock <nick.adcock@docker.com>
```
cli/command/stack/kubernetes/convert_test.go:199:35: Using the variable on range scope `c` in function literal (scopelint)
conv, err := NewStackConverter(c.version)
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 640305f33c)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
cli/command/container/create_test.go:120:20: Using the variable on range scope `c` in function literal (scopelint)
defer func() { c.ResponseCounter++ }()
^
cli/command/container/create_test.go:121:12: Using the variable on range scope `c` in function literal (scopelint)
switch c.ResponseCounter {
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 542f80241e)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
cli/command/stack/kubernetes/watcher_test.go:44:20: Using a reference for the variable on range scope `obj` (scopelint)
if err := o.Add(&obj); err != nil {
^
cli/command/stack/kubernetes/watcher_test.go:49:20: Using a reference for the variable on range scope `obj` (scopelint)
if err := o.Add(&obj); err != nil {
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 754fc6fe67)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
opts/network_test.go:74:35: Using the variable on range scope `tc` in function literal (scopelint)
assert.NilError(t, network.Set(tc.value))
^
opts/network_test.go:102:40: Using the variable on range scope `tc` in function literal (scopelint)
assert.ErrorContains(t, network.Set(tc.value), tc.expectedError)
^
opts/opts_test.go:270:30: Using the variable on range scope `tc` in function literal (scopelint)
val, err := ValidateLabel(tc.value)
^
opts/opts_test.go:271:7: Using the variable on range scope `tc` in function literal (scopelint)
if tc.expectedErr != "" {
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit c2b069f4db)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
cli/manifest/store/store_test.go:97:29: Using the variable on range scope `testcase` in function literal (scopelint)
actual, err := store.Get(testcase.listRef, testcase.manifestRef)
^
cli/manifest/store/store_test.go:98:7: Using the variable on range scope `testcase` in function literal (scopelint)
if testcase.expectedErr != "" {
^
cli/manifest/store/store_test.go:99:26: Using the variable on range scope `testcase` in function literal (scopelint)
assert.Error(t, err, testcase.expectedErr)
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit cd3dca37b8)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
cli/compose/template/template_test.go:279:31: Using the variable on range scope `tc` in function literal (scopelint)
actual := ExtractVariables(tc.dict, defaultPattern)
^
cli/compose/template/template_test.go:280:41: Using the variable on range scope `tc` in function literal (scopelint)
assert.Check(t, is.DeepEqual(actual, tc.expected))
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit aafe3df8b3)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
cli/command/cli_test.go:157:15: Using the variable on range scope `testcase` in function literal (scopelint)
pingFunc: testcase.pingFunc,
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 2ec424a2d9)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
cli/command/trust/key_load_test.go:121:27: Using the variable on range scope `keyID` in function literal (scopelint)
testLoadKeyFromPath(t, keyID, keyBytes)
^
cli/command/trust/key_load_test.go:176:32: Using the variable on range scope `keyBytes` in function literal (scopelint)
testLoadKeyTooPermissive(t, keyBytes)
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 7c4b63b1c3)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
cli/command/context/create_test.go:270:31: Using the variable on range scope `c` in function literal (scopelint)
Name: c.name,
^
cli/command/context/create_test.go:271:31: Using the variable on range scope `c` in function literal (scopelint)
Description: c.description,
^
cli/command/context/create_test.go:272:31: Using the variable on range scope `c` in function literal (scopelint)
DefaultStackOrchestrator: c.orchestrator,
cli/command/context/create_test.go:346:31: Using the variable on range scope `c` in function literal (scopelint)
Name: c.name,
^
cli/command/context/create_test.go:347:31: Using the variable on range scope `c` in function literal (scopelint)
Description: c.description,
^
cli/command/context/create_test.go:348:31: Using the variable on range scope `c` in function literal (scopelint)
DefaultStackOrchestrator: c.orchestrator,
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit a269e17d72)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
e2e/cli-plugins/flags_test.go:135:27: Using the variable on range scope `args` in function literal (scopelint)
res := icmd.RunCmd(run(args...))
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 1736662bea)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
cli/compose/loader/merge.go:64:41: Using a reference for the variable on range scope `overrideService` (scopelint)
if err := mergo.Merge(&baseService, &overrideService, mergo.WithAppendSlice, mergo.WithOverride, mergo.WithTransformers(specials)); err != nil {
^
cli/compose/loader/loader_test.go:1587:28: Using the variable on range scope `testcase` in function literal (scopelint)
config, err := loadYAML(testcase.yaml)
^
cli/compose/loader/loader_test.go:1590:58: Using the variable on range scope `testcase` in function literal (scopelint)
assert.Check(t, is.DeepEqual(config.Services[0].Init, testcase.init))
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 96ec7299d8)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
templates/templates_test.go:74:29: Using the variable on range scope `testCase` in function literal (scopelint)
assert.Check(t, is.Equal(testCase.expected, b.String()))
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 54d48de216)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
service/logs/parse_logs_test.go:26:35: Using the variable on range scope `testcase` in function literal (scopelint)
actual, err := ParseLogDetails(testcase.line)
^
service/logs/parse_logs_test.go:27:7: Using the variable on range scope `testcase` in function literal (scopelint)
if testcase.err != nil {
^
service/logs/parse_logs_test.go:28:26: Using the variable on range scope `testcase` in function literal (scopelint)
assert.Error(t, err, testcase.err.Error())
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit c828fa141d)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
cli/config/config_test.go:590:11: Using the variable on range scope `tc` in function literal (scopelint)
SetDir(tc.dir)
^
cli/config/config_test.go:591:19: Using the variable on range scope `tc` in function literal (scopelint)
f, err := Path(tc.path...)
^
cli/config/config_test.go:592:23: Using the variable on range scope `tc` in function literal (scopelint)
assert.Equal(t, f, tc.expected)
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 5a2a9d9ca8)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
cli/command/formatter/container_test.go:315:17: Error return value of `ContainerWrite` is not checked (errcheck)
ContainerWrite(context.context, containers)
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit e74e2c7741)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
cli/command/cli_test.go:297:11: Error return value of `cli.Apply` is not checked (errcheck)
cli.Apply(
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 008f6a2da3)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
cli/context/store/store_test.go:156:2: SA5001: should check returned error before deferring f.Close() (staticcheck)
defer f.Close()
^
cli/context/store/store_test.go:189:2: SA5001: should check returned error before deferring f.Close() (staticcheck)
defer f.Close()
^
cli/context/store/store_test.go:240:2: SA5001: should check returned error before deferring f.Close() (staticcheck)
defer f.Close()
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit fe3cc6eb7b)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
cli/command/image/build.go:434:32: SA1006: printf-style function with dynamic format string and no further arguments should use print-style function instead (staticcheck)
fmt.Fprintf(dockerCli.Out(), imageID)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 709728e723)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
cli/command/utils.go:81:20: SA1006: printf-style function with dynamic format string and no further arguments should use print-style function instead (staticcheck)
fmt.Fprintf(outs, message)
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit ea64a1ceb9)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
cli/command/trust/key_generate.go:91:30: SA1006: printf-style function with dynamic format string and no further arguments should use print-style function instead (staticcheck)
fmt.Fprintf(streams.Out(), err.Error())
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit f0614ca788)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
cli/command/service/update_test.go:31:16: SA1012: do not pass a nil Context, even if a function permits it; pass context.TODO if you are unsure about which Context to use (staticcheck)
updateService(nil, nil, flags, spec)
^
cli/command/service/update_test.go:535:16: SA1012: do not pass a nil Context, even if a function permits it; pass context.TODO if you are unsure about which Context to use (staticcheck)
updateService(nil, nil, flags, spec)
^
cli/command/service/update_test.go:540:16: SA1012: do not pass a nil Context, even if a function permits it; pass context.TODO if you are unsure about which Context to use (staticcheck)
updateService(nil, nil, flags, spec)
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 8d64c2af1a)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Also explicitly type transformer-functions
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 9118b2b2b8)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This test was intending to run all tests, but didn't, which was
caught by golangci-lint;
cli/compose/loader/windows_path_test.go:46:17: SA4010: this result of append is never used, except maybe in other appends (staticcheck)
tests := append(isabstests, winisabstests...)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 0a21de05d2)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Looks like we're just on the edge of the deadline, and it's sometimes
failing;
```
cli/command/image/trust.go:346:1⚠️ nolint directive did not match any issue (nolint)
cli/command/manifest/push.go:211:1⚠️ nolint directive did not match any issue (nolint)
internal/pkg/containerized/snapshot.go:95:1⚠️ nolint directive did not match any issue (nolint)
internal/pkg/containerized/snapshot.go:138:1⚠️ nolint directive did not match any issue (nolint)
WARNING: deadline exceeded by linter interfacer (try increasing --deadline)
Exited with code 3
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 3e78cbc021)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The configuration abused "Exclude" to exclude file-paths by filtering
on the output, however, the `Skip` option was designed for that, whereas
`Exclude` is for matching warnings.
An explicit "Skip" was added for "vendor", because even though the vendor
directory should already be ignored by the linter, in some situations,
it still seemed to warn on issues, so let's explicitly ignore it.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 71e525f74f)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
--stars example is deprecated. Changing to --filter=stars=5
Signed-off-by: danielartine <daniel.artine@ufrj.br>
(cherry picked from commit bba0a4d5ac)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
exec.CombinedOutput should not be used here because:
- it redirects cmd Stdout and Stderr and we want it to be the tty
- it calls cmd.Run which we already did
While at it
- use pty.Start() as it is cleaner
- make sure we don't leave a zombie running, by calling Wait() in defer
- use test.Name() for containerName
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit bc4ed69a23)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Add a test to verify that killing the docker CLI forwards
the signal to the container. Test-case for moby/moby 28872
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 7cf1a8d4c9)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This partially reverts e0b59ab52b,
and does not automatically disable proxying signals in TTY-mode
Before this change:
------------------------------------
Start a container with a TTY in one shell:
```
docker run -it --init --name repro-28872 busybox sleep 30
```
then, in another shell, kill the docker cli:
```
kill `pgrep -f repro-28872`
```
Notice that the CLI was killed, but the signal not forwarded to the container;
the container continues running
```
docker container inspect --format '{{ .State.Status }}' repro-28872
running
docker container rm -f repro-28872
```
After this change:
------------------------------------
Start a container with a TTY in one shell:
```
docker run -it --init --name repro-28872 busybox sleep 30
```
then, in another shell, kill the docker cli:
```
kill `pgrep -f repro-28872`
```
Verify that the signal was forwarded to the container, and the container exited
```
docker container inspect --format '{{ .State.Status }}' repro-28872
exited
docker container rm -f repro-28872
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit ee29504923)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Golang 1.12.12
-------------------------------
full diff: https://github.com/golang/go/compare/go1.12.11...go1.12.12
go1.12.12 (released 2019/10/17) includes fixes to the go command, runtime,
syscall and net packages. See the Go 1.12.12 milestone on our issue tracker for
details.
https://github.com/golang/go/issues?q=milestone%3AGo1.12.12
Golang 1.12.11 (CVE-2019-17596)
-------------------------------
full diff: https://github.com/golang/go/compare/go1.12.10...go1.12.11
go1.12.11 (released 2019/10/17) includes security fixes to the crypto/dsa
package. See the Go 1.12.11 milestone on our issue tracker for details.
https://github.com/golang/go/issues?q=milestone%3AGo1.12.11
[security] Go 1.13.2 and Go 1.12.11 are released
Hi gophers,
We have just released Go 1.13.2 and Go 1.12.11 to address a recently reported
security issue. We recommend that all affected users update to one of these
releases (if you're not sure which, choose Go 1.13.2).
Invalid DSA public keys can cause a panic in dsa.Verify. In particular, using
crypto/x509.Verify on a crafted X.509 certificate chain can lead to a panic,
even if the certificates don't chain to a trusted root. The chain can be
delivered via a crypto/tls connection to a client, or to a server that accepts
and verifies client certificates. net/http clients can be made to crash by an
HTTPS server, while net/http servers that accept client certificates will
recover the panic and are unaffected.
Moreover, an application might crash invoking
crypto/x509.(*CertificateRequest).CheckSignature on an X.509 certificate
request, parsing a golang.org/x/crypto/openpgp Entity, or during a
golang.org/x/crypto/otr conversation. Finally, a golang.org/x/crypto/ssh client
can panic due to a malformed host key, while a server could panic if either
PublicKeyCallback accepts a malformed public key, or if IsUserAuthority accepts
a certificate with a malformed public key.
The issue is CVE-2019-17596 and Go issue golang.org/issue/34960.
Thanks to Daniel Mandragona for discovering and reporting this issue. We'd also
like to thank regilero for a previous disclosure of CVE-2019-16276.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 474d522ee2)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
."github.com/docker/cli/internal/test/builders"// Import builders to get the builder function as package function
"github.com/docker/docker/api/types"
"github.com/docker/docker/api/types/swarm"
"github.com/pkg/errors"
"gotest.tools/assert"
is"gotest.tools/assert/cmp"
"gotest.tools/golden"
// Import builders to get the builder function as package function
."github.com/docker/cli/internal/test/builders"
"gotest.tools/v3/assert"
is"gotest.tools/v3/assert/cmp"
"gotest.tools/v3/golden"
)
funcTestNodeListErrorOnAPIFailure(t*testing.T){
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
